egutierrez aab4f12fc4 fix(0128): XSS scheme allowlist + drop dead fileID ...

review findings:
- MessageBody: only http(s) and relative paths allowed for links;
  data:image/* allowed for inline images. Rejects javascript:,
  data:text/html, vbscript: which would execute via <a href>.
  Unsafe matches fall back to plain text.
- files.go: remove unused fileID var generated then discarded.

2026-05-27 11:04:20 +02:00

backend

fix(0128): XSS scheme allowlist + drop dead fileID

2026-05-27 11:04:20 +02:00

dev

chore: auto-commit (23 archivos)

2026-05-13 18:40:22 +02:00

e2e

chore: bump kanban 0.1.0 -> 0.2.0 + e2e smoke (issue 0128)

2026-05-27 10:52:06 +02:00

frontend

fix(0128): XSS scheme allowlist + drop dead fileID

2026-05-27 11:04:20 +02:00

.gitignore

chore: bump kanban 0.1.0 -> 0.2.0 + e2e smoke (issue 0128)

2026-05-27 10:52:06 +02:00

app.md

chore: bump kanban 0.1.0 -> 0.2.0 + e2e smoke (issue 0128)

2026-05-27 10:52:06 +02:00

CHAT_PLAN.md

chore: sync from fn-registry agent

2026-05-06 19:04:45 +02:00

docker-compose.yml

chore: auto-commit (5 archivos)

2026-05-09 18:11:24 +02:00

Dockerfile

chore: auto-commit (5 archivos)

2026-05-09 18:11:24 +02:00

operations.db.bak.20260512_154420

chore: auto-commit (23 archivos)

2026-05-13 18:40:22 +02:00

operations.db.bak.pre010.20260513_134238

chore: auto-commit (23 archivos)

2026-05-13 18:40:22 +02:00

operations.db.bak.pwd.20260512_182123

chore: auto-commit (23 archivos)

2026-05-13 18:40:22 +02:00

registry.db

chore: auto-commit (1 archivos)

2026-05-19 01:37:33 +02:00

run.sh

feat(kanban): deadlines en cards (context menu, badges, calendario, history)

2026-05-09 03:45:36 +02:00

traefik-dynamic.yml

chore: auto-commit (5 archivos)

2026-05-09 18:11:24 +02:00

S

Description

Synced from fn_registry

10 MiB

Languages

Go 48.6%

TypeScript 48.4%

Shell 2.5%

CSS 0.4%